Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/AF573166309511EABE9B5934C4F9AE02.roa
File: AF573166309511EABE9B5934C4F9AE02.roa (raw, json)
Hash identifier: wBVLudr4r1jyDPH+Ghnt4yYJmAXvAyl8ooTj+H1Y8oI=
Subject key identifier: 27:42:7E:24:F8:B3:AC:80:DD:4A:96:9D:A7:9D:62:FB:EB:0A:14:A8
Certificate issuer: /CN=A9169ADA/serialNumber=C41715FEF200133D9123250FBB6531E88A4A99DA
Certificate serial: 0DF2
Authority key identifier: C4:17:15:FE:F2:00:13:3D:91:23:25:0F:BB:65:31:E8:8A:4A:99:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xBcV_vIAEz2RIyUPu2Ux6IpKmdo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/AF573166309511EABE9B5934C4F9AE02.roa
Signing time: Wed 04 Dec 2024 17:56:00 +0000
ROA not before: Wed 04 Dec 2024 17:55:59 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 60068
IP address blocks: 45.121.202.0/24 maxlen: 24
103.15.193.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3570 (0xdf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9169ADA
Validity
Not Before: Dec 4 17:55:59 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675097af-b60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:64:71:31:bd:73:63:e8:0e:50:f3:3c:0e:ff:
72:dd:62:2e:dc:fb:fe:ce:5d:e1:c4:98:e2:e6:40:
6b:46:d1:92:1c:17:f4:ee:36:21:12:c5:df:98:bb:
bd:8a:fb:c9:ea:db:8c:98:ee:2d:6e:97:e2:85:0d:
52:cc:f5:e6:fe:e7:8e:b9:6b:d8:0f:9d:2c:b5:f8:
72:41:68:c8:05:60:3b:1e:0b:8d:c7:d4:92:33:3b:
6f:a7:b4:a6:b8:d6:1a:c5:fa:55:a9:24:fb:5e:da:
2d:fe:7c:4c:73:14:71:aa:cc:ce:74:55:63:45:60:
5c:8b:8f:ba:dd:6c:10:a6:6a:2a:6c:5f:81:b1:50:
1a:48:c7:49:8b:b1:f9:46:de:ff:28:5f:3d:f7:e5:
12:df:a2:11:8b:4b:2f:16:a0:ea:04:18:c1:28:dd:
50:c2:2f:95:b6:da:c7:15:6b:21:96:c3:fa:7b:4b:
70:97:33:5a:7c:dc:f8:85:f6:e7:c4:a8:66:63:de:
5e:4b:3c:35:1a:1c:4e:49:4b:59:ac:4e:b3:e3:48:
42:0f:b9:6e:67:37:00:28:c2:e5:e8:56:5d:51:aa:
5b:4d:43:bf:a1:a7:bf:e7:c8:76:dd:13:b7:3e:76:
ea:6b:fd:d1:bd:d1:11:17:63:81:fe:b0:f8:5c:e4:
de:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:42:7E:24:F8:B3:AC:80:DD:4A:96:9D:A7:9D:62:FB:EB:0A:14:A8
X509v3 Authority Key Identifier:
keyid:C4:17:15:FE:F2:00:13:3D:91:23:25:0F:BB:65:31:E8:8A:4A:99:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/xBcV_vIAEz2RIyUPu2Ux6IpKmdo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xBcV_vIAEz2RIyUPu2Ux6IpKmdo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/AF573166309511EABE9B5934C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.202.0/24
103.15.193.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:0a:46:6b:c8:71:1a:f8:16:7e:31:68:fc:77:71:8e:5e:0e:
a7:ea:db:01:85:67:e5:cd:bb:fd:54:5a:d9:03:9d:9c:f3:5e:
b5:64:20:10:d5:37:ef:c1:a0:1c:68:70:fb:d3:f4:70:e6:de:
07:3e:04:a1:4c:17:d7:52:d5:68:b4:b5:65:9c:a0:4a:42:1a:
66:ff:e2:53:11:e1:56:f0:15:ad:e7:86:e5:67:3f:70:d7:6e:
d0:9d:b9:d3:eb:c9:5d:23:81:9c:f9:63:09:0f:20:6e:14:61:
e9:f2:f3:e6:49:68:a4:48:ae:bc:ce:46:25:68:10:25:eb:85:
46:b4:4b:04:e5:a8:e0:f8:92:ba:20:ba:96:60:53:e1:05:70:
b8:66:d5:39:8e:38:75:21:11:26:5a:48:86:a0:5b:43:19:27:
30:7b:b2:7a:56:d9:c4:49:d1:15:6a:a1:87:82:75:d7:98:5b:
8f:31:2a:8b:f1:df:9d:00:ef:4d:5c:e6:f7:2b:ab:04:a7:92:
13:aa:2b:da:ea:1a:04:ca:78:5b:70:29:c5:69:39:d2:08:1b:
bc:72:fd:7a:cc:07:d2:46:bf:e3:53:a5:91:aa:52:17:e2:39:
c1:2f:be:e9:33:76:af:35:c2:e9:ba:7e:54:ea:d5:fe:6b:05:
05:a2:f1:0d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjlBREExMTAvBgNVBAUTKEM0MTcxNUZFRjIwMDEzM0Q5MTIzMjUwRkJCNjUzMUU4
OEE0QTk5REEwHhcNMjQxMjA0MTc1NTU5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwOTdhZi1iNjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu2RxMb1zY+gOUPM8Dv9y3WIu3Pv+zl3hxJji5kBrRtGSHBf07jYhEsXfmLu9
ivvJ6tuMmO4tbpfihQ1SzPXm/ueOuWvYD50stfhyQWjIBWA7HguNx9SSMztvp7Sm
uNYaxfpVqST7Xtot/nxMcxRxqszOdFVjRWBci4+63WwQpmoqbF+BsVAaSMdJi7H5
Rt7/KF899+US36IRi0svFqDqBBjBKN1Qwi+VttrHFWshlsP6e0twlzNafNz4hfbn
xKhmY95eSzw1GhxOSUtZrE6z40hCD7luZzcAKMLl6FZdUapbTUO/oae/58h23RO3
Pnbqa/3RvdERF2OB/rD4XOTetwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCdCfiT4
s6yA3UqWnaedYvvrChSoMB8GA1UdIwQYMBaAFMQXFf7yABM9kSMlD7tlMeiKSpna
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OUFEQS9GRjMyMDFDRUE2
QjIxMUU5OEQyQjE4NjBDNEY5QUUwMi94QmNWX3ZJQUV6MlJJeVVQdTJVeDZJcEtt
ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hCY1ZfdklBRXoyUkl5VVB1MlV4NklwS21kby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjlBREEvRkYzMjAxQ0VBNkIyMTFFOThEMkIxODYwQzRGOUFFMDIvQUY1NzMxNjYz
MDk1MTFFQUJFOUI1OTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAtecoDBABnD8EwDQYJKoZIhvcNAQELBQADggEBALcKRmvI
cRr4Fn4xaPx3cY5eDqfq2wGFZ+XNu/1UWtkDnZzzXrVkIBDVN+/BoBxocPvT9HDm
3gc+BKFMF9dS1Wi0tWWcoEpCGmb/4lMR4VbwFa3nhuVnP3DXbtCdudPryV0jgZz5
YwkPIG4UYeny8+ZJaKRIrrzORiVoECXrhUa0SwTlqOD4krogupZgU+EFcLhm1TmO
OHUhESZaSIagW0MZJzB7snpW2cRJ0RVqoYeCddeYW48xKovx350A701c5vcrqwSn
khOqK9rqGgTKeFtwKcVpOdIIG7xy/XrMB9JGv+NTpZGqUhfiOcEvvukzdq81wum6
flTq1f5rBQWi8Q0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:35 2025 by rpki-client